WHAT IS CLAIMED IS: 



I- 1 . A method for controlling access to a functional unit within a set top 

2 box, comprising: 

3 receiving first information comprising a plurality-of functional unit 

4 - identifiers and one or more tier requirements respectively related to each functional unit 

5 identifier; . 

6 receiving second information comprising tier rights; 

7 correlating the functional unit identifiers to their respective tier 

8 - requirements; . ^ _ - ' 

9 interacting with the fimctional unit; 

10 _ determining if the respective tier requirements are satisfied by the tier 

1 1 rights; and- 

12 authorizing further interaction with. the functional unit. 

1 ' 2. The method for controlling access-to the functional unit within the 

2 set top box of claim 1, further comprising receiving third information that replaces the tier 

3 rights. 

1 3, The method for controlling access to the functional unit within the 

2 set top box of claim .1, wherein more than one of the tier rights could authorize further 

3 interaction with the functional unit identifier.. 

1 _ 4. The method for controlling access to the-functional unit within the 

2 set top box of claim 1, authenticating a source of at least one of the first and second 

3 information. - ■ 

1 5. The method for controlling access to the functional unit within the 

2 set top box of claim 1, wherein the functional unit comprises a discrete entity comprising 

3 at least one of sofhvare, hardware, drivers, firmware/data, video, and audio. 

1 6. The method for controlling access to the functional unit within the 

2 set top box of claim 1, further comprising receiving a plurality of streaming content 

3 functional units. 
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1 7. The method for controUing access to the functional unit within the 

2 'set top box of claim 1, wherein the set top box is integral with an enclosure for a display. 

1 " . 8. A conditional access system for controlling access to functional 

2 units, comprising: 

3 a set top box; 

4 a functional unit associated with the set top box; 

5 a requirements message comprising a functional unii identifier and one or 

6 more tier requirements related to the functional unit identifier, wherein the functional unit 
7' identifier is associated with the functional unit; 

8 a rights message comprising one or more tier nghts; and 

9 an authorization function that compares each of the one or more tier 

• 10 requirements against the one or more tier rights in order to authorize use of the functional 

11 unit. - . 

1 • 9- The conditional access system for controlling access to functional 

2 units of claim 8, further comprising an authentication function that authenticates a source 

3 of the rights and requirements messages. 

1 - 10. The conditional access system for controlling access to functional 

2 units of claim 8, further comprising a data channel between a headend and the set top box, 

3 wherein the data channel is one of bi-directional and omni-directional. 

1 11. The conditional access system for controlling access to functional 

2 units of claim 8, further comprising a second rights message to replace the tier rights. 

1 12. The conditional access system for controlling access to functional 

2 units of claim 8, further comprising a plurality of streaming content functional units sent 

3 from a headend to the set top box. 

1 13- The conditional access system for controlling access to functional 

2 units of claim 8, wherein the functional unit comprises a discrete entity comprising at 

3 least one of software, hardware, drivers, firmware, data, video, and audio. 

1 ' 14. The conditional access system for controlling access to functional 

2 units of claim. 8, wherem die set top box is integral to an enclosure for a display. 
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1 1 5. A method for controlling access to remotely-located and functional 

2 units within a conditional access system, comprising: 

3 determining first and second infomation to modify authorization of a 

4 remotely-located and functional unit; 

5 sending the first information compnsing a ftmctional unit identifier and at 

6 least one tier requirement related to the functional unit identifier; 

7 sending the second information comprising a tier right; and 

8 causing modification of an authorization state of the remotely located 

9 functional unit corresponding to the functional unit identifier. 

1 16. The method for controlling access to remotely-located and 

2 functional units within the conditional access system of claim 15, further comprising: 

3 sending third information comprising a replacement tier right; and 

4 causing further modification of the authorization state of the remotely- 

5 located and functional unit corresponding to the functional unir identifier. 

1 17. The method for controlling access to remotely-located and 

2 functional units within the conditional access system of claim 15, wherein the 

3 authorization state is one of authorized and unauthorized. 

1 18. The method for controlling access to remotely-located and 

2 - functional units within the conditional access system of claim 15, further comprising 

3 generating a signature over at least one of the first and second information. ' 

1 - 19. The method for controlling access to remotely-located and 

2 functional units within the conditional access system of claim 15, wherein more than one 

3 tier right could authorize use of the remotely-located and functional unit corresponding to 

4 the functional unit identifier. 

1 ' 20. The method for controlling access to remotely-located and 

2 functional units within the conditional access system of claim 15, further comprising 

3 sending a plurality of streaming content funcfional units to a remote location. 

1 21. The method for controlling access to. remotely-located and 

2 ftmctional units within the conditional access system of claim 15, wherein the remotely- 
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3 located and functional unit composes a discrete entity composing at least one of software, 

4 - hardware, drivers, firmware, data, video, and audio. 
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